This weekly update contains 8 new modules and fixes 1 issue.
- Java Debug Wire Protocol Remote Code Execution by Christophe Alladoum, Michael Schierl, and Redsadic exploits OSVDB-96066
- Easy File Management Web Server Stack Buffer Overflow by Julien Ahrens, TecR0c, and superkojiman exploits OSVDB-107241
Auxiliary and post modules
- Chromecast YouTube Remote Control by wvu
- MongoDB NoSQL Collection Enumeration Via Injection by Brandon Perry
- Cisco SSL VPN Bruteforce Login Utility by Jonathan Claudius
- OpenSSL Server-Side ChangeCipherSpec Injection Scanner by juan vazquez, Craig Young, and Masashi Kikuchi exploits CVE-2014-0224
Notable Changes and Resolved Issues
- 8796 - Support TLS Server response parsing
How to Upgrade
Metasploit Pro is upgraded using the Administration menu and choosing the option Software Upgrade. To see how to upgrade your Metasploit installation, view this video in the Rapid7 Community.
PRO 4.9.3 updates to 4.9.3-2014061801
MSF3 4.9.3 updates to 4.9.3-2014061801